Google API 验证服务器端
Google API authentification Server-Side
我正在尝试使用 Gmail API 阅读电子邮件,但我 运行 遇到了一个问题,我想进行服务器端身份验证,但有所有示例来自 google 医生,他总是向我显示 window 要求我添加我的凭据(Gmail 和密码)。
public static async void CreateService()
{
GoogleCredential credential;
using (var stream = new FileStream(@"key.json", FileMode.Open,
FileAccess.Read))
{
credential = GoogleCredential.FromStream(stream)
.CreateScoped(GmailService.Scope.GmailLabels,
GmailService.Scope.GmailModify, GmailService.Scope.GmailMetadata,
GmailService.Scope.GmailReadonly);
}
var service = new GmailService(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = "Gmail",
});
Console.WriteLine(ListMessages(service, "me", ""));
}
然后我从 google api 关于如何读取用户消息的文档中得到了这段代码。
public static List<Message> ListMessages(GmailService service, String userId, String query)
{
List<Message> result = new List<Message>();
UsersResource.MessagesResource.ListRequest request = service.Users.Messages.List(userId);
request.Q = query;
do
{
try
{
ListMessagesResponse response = request.Execute();
result.AddRange(response.Messages);
request.PageToken = response.NextPageToken;
}
catch (Exception e)
{
Console.WriteLine("An error occurred: " + e.Message);
}
} while (!String.IsNullOrEmpty(request.PageToken));
return result;
}
但是当我 运行 它时,我得到这个错误:发生错误:
Google.Apis.Requests.RequestError
Bad Request [400]
Errors [
Message[Bad Request] Location[ - ] Reason[failedPrecondition] Domain[global]
]
答案:
如果你想用一个用户作为认证账号,那就不行。这是不可能的,您将始终收到一个登录 window 弹出窗口。
其他方法:
但是,您可以创建并使用服务帐户来冒充您的用户并绕过在 运行 上进行身份验证的需要。它们需要一些额外的设置,但您可以在 Google Developer Admin Console.
中创建它们
代码示例:
创建您的服务帐户并赋予其所需的角色和权限后(请参阅下面的链接),您只需对代码进行少量修改即可使用它而不是常规帐户。这是 Python 中的示例,但您可以在 managing keys page:
中找到其他示例
import os
from google.oauth2 import service_account
import googleapiclient.discovery
def create_key(service_account_email):
"""Creates a key for a service account."""
credentials = service_account.Credentials.from_service_account_file(
filename=os.environ['GOOGLE_APPLICATION_CREDENTIALS'],
scopes=['YOUR SCOPES HERE'])
# Rememer here that your credentials will need to be downloaded
# for the service account, YOU CAN NOT USE YOUR ACCOUNT'S CREDENTIALS!
service = googleapiclient.discovery.build(
'service', 'version', credentials=credentials)
key = service.projects().serviceAccounts().keys().create(
name='projects/-/serviceAccounts/' + service_account_email, body={}
).execute()
print('Created key: ' + key['name'])
参考文献:
我正在尝试使用 Gmail API 阅读电子邮件,但我 运行 遇到了一个问题,我想进行服务器端身份验证,但有所有示例来自 google 医生,他总是向我显示 window 要求我添加我的凭据(Gmail 和密码)。
public static async void CreateService()
{
GoogleCredential credential;
using (var stream = new FileStream(@"key.json", FileMode.Open,
FileAccess.Read))
{
credential = GoogleCredential.FromStream(stream)
.CreateScoped(GmailService.Scope.GmailLabels,
GmailService.Scope.GmailModify, GmailService.Scope.GmailMetadata,
GmailService.Scope.GmailReadonly);
}
var service = new GmailService(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = "Gmail",
});
Console.WriteLine(ListMessages(service, "me", ""));
}
然后我从 google api 关于如何读取用户消息的文档中得到了这段代码。
public static List<Message> ListMessages(GmailService service, String userId, String query)
{
List<Message> result = new List<Message>();
UsersResource.MessagesResource.ListRequest request = service.Users.Messages.List(userId);
request.Q = query;
do
{
try
{
ListMessagesResponse response = request.Execute();
result.AddRange(response.Messages);
request.PageToken = response.NextPageToken;
}
catch (Exception e)
{
Console.WriteLine("An error occurred: " + e.Message);
}
} while (!String.IsNullOrEmpty(request.PageToken));
return result;
}
但是当我 运行 它时,我得到这个错误:发生错误:
Google.Apis.Requests.RequestError
Bad Request [400]
Errors [
Message[Bad Request] Location[ - ] Reason[failedPrecondition] Domain[global]
]
答案:
如果你想用一个用户作为认证账号,那就不行。这是不可能的,您将始终收到一个登录 window 弹出窗口。
其他方法:
但是,您可以创建并使用服务帐户来冒充您的用户并绕过在 运行 上进行身份验证的需要。它们需要一些额外的设置,但您可以在 Google Developer Admin Console.
中创建它们代码示例:
创建您的服务帐户并赋予其所需的角色和权限后(请参阅下面的链接),您只需对代码进行少量修改即可使用它而不是常规帐户。这是 Python 中的示例,但您可以在 managing keys page:
中找到其他示例import os
from google.oauth2 import service_account
import googleapiclient.discovery
def create_key(service_account_email):
"""Creates a key for a service account."""
credentials = service_account.Credentials.from_service_account_file(
filename=os.environ['GOOGLE_APPLICATION_CREDENTIALS'],
scopes=['YOUR SCOPES HERE'])
# Rememer here that your credentials will need to be downloaded
# for the service account, YOU CAN NOT USE YOUR ACCOUNT'S CREDENTIALS!
service = googleapiclient.discovery.build(
'service', 'version', credentials=credentials)
key = service.projects().serviceAccounts().keys().create(
name='projects/-/serviceAccounts/' + service_account_email, body={}
).execute()
print('Created key: ' + key['name'])